The GDPR is Nearly Here: Are you ready?

The GDPR is Nearly Here: Are you ready?

If your business has customers who live in the European Union, you have an important deadline approaching.

If your business has customers who live in the European Union, you have an important deadline approaching. On May 25, 2018, you need to be in compliance with the General Data Protection Regulation (GDPR).

Passed by the EU Parliament in 2016, GDPR is designed to provide data privacy rights to EU citizens and protect them from data breaches. This legislation spells out numerous requirements that companies must meet, such as:

Businesses must get customers’ consent to collect, process, and store their personal data. When companies ask for permission, they must use easy-to-understand terms rather than legal jargon. Plus, it must be easy for customers to withdraw their consent.

Companies can only collect, process, and store the personal data needed to complete a given task and not any extra information. Further, the data collected and stored for one task cannot be repurposed without further consent from customers.

Businesses must notify customers within 72 hours of first becoming aware of a breach that involves their personal data.

Companies need to include data protection measures when they are initially designing their systems rather than adding the measures later on.

All companies that collect, process, or store the personal data of EU citizens are required to comply with GDPR’s requirements, no matter where the organizations are located. For instance, US and Canadian businesses that have customers who live in the European Union must adhere to the regulation.

The penalties for noncompliance are high. The maximum fine, which is reserved for the most serious violations, is €20 million (around $24 million USD) or 4% of a company’s annual global turnover (whichever is greater). The fine structure is tiered, so smaller fines will be levied for less serious infractions.

There are resources available to help businesses understand the GDPR requirements. The official website, EUGDPR.org, has an extensive list of articles, videos, and other types of resources. Its sister site, EUGDPR.com, provides GDPR updates and news.

Some IT vendors also offer GDPR resources, many of which are free. Here are a few examples:

  • Microsoft provides an e-book, an online readiness assessment, webcasts, and whitepapers.
  • Trend Micro has an infographic, checklist, whitepaper, and webinar.
  • IBM furnishes an e-book, webinars, and whitepapers.
  • IT Governance offers a video, infographic, paper, and templates.

About the Author

Jay Hamilton is the Owner, President and CEO of Presage Solutions, Inc.

If you like what you see, get more delivered to your inbox weekly.
Click here to subscribe to our free premium content.

comments powered by Disqus

Digital Edition

  • Security Today Magazine - June 2018

    June 2018

    Featuring:

    • Penalty Free Security
    • Video Grand Slam
    • Out of Harm's Way
    • The Focus on Public Space
    • Think Beyond the Perimeter

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • School Planning & Managmenet
  • College Planning & Management
  • Campus Security & Life Safety